Amazon Web Services782 тыс
Опубликовано 2 октября 2023, 23:31
Enterprise, network and security admins can use AWS Identity and Access Management (IAM) condition context keys with AWS Certificate Manager (ACM) to help ensure that users are issuing certificates that conform to their organization’s public key infrastructure (PKI) guidelines. For example, you can use condition keys to allow only DNS validation. Or, you can authorize which of your users can request certificates for specific domain names such as accounting.example.com and/or wildcard names.
Using these context keys, you can define how your ACM users customize certificate issuance parameters to authorize 1) a specific certificate validation method, 2) who can request certificates for specific domain names including wildcard names, 3) specific certificate key-algorithm(s), and 4) the request of public or private certificate type. Additionally, you can prevent users from disabling Certificate Transparency (CT) logging or requesting certificates from specific AWS Private Certificate Authorities.
You can distribute and enforce your condition keys across your users and accounts using either IAM or Service control polices (SCPs) from AWS Organizations. You can enforce organization-wide policies or have specific policies for organization units. For example, you can authorize your HR unit to issue certificates for the domain name HR.example.com while your IT department can only issue certificates for IT.example.com. You can also enforce these policies at account creation through AWS CloudFormation.
Learn more at: go.aws/3PFS1an
Subscribe:
More AWS videos: go.aws/3m5yEMW
More AWS events videos: go.aws/3ZHq4BK
Do you have technical AWS questions?
Ask the community of experts on AWS re:Post: go.aws/3lPaoPb
ABOUT AWS
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. Millions of customers — including the fastest-growing startups, largest enterprises, and leading government agencies — are using AWS to lower costs, become more agile, and innovate faster.
#AWSCertificateManager #ConditionKeys #LimitCertificateRequests #CertificateIssuanceGovernance #AWSSecurityServicesFeatureDemos #AWS #AmazonWebServices #CloudComputing
Using these context keys, you can define how your ACM users customize certificate issuance parameters to authorize 1) a specific certificate validation method, 2) who can request certificates for specific domain names including wildcard names, 3) specific certificate key-algorithm(s), and 4) the request of public or private certificate type. Additionally, you can prevent users from disabling Certificate Transparency (CT) logging or requesting certificates from specific AWS Private Certificate Authorities.
You can distribute and enforce your condition keys across your users and accounts using either IAM or Service control polices (SCPs) from AWS Organizations. You can enforce organization-wide policies or have specific policies for organization units. For example, you can authorize your HR unit to issue certificates for the domain name HR.example.com while your IT department can only issue certificates for IT.example.com. You can also enforce these policies at account creation through AWS CloudFormation.
Learn more at: go.aws/3PFS1an
Subscribe:
More AWS videos: go.aws/3m5yEMW
More AWS events videos: go.aws/3ZHq4BK
Do you have technical AWS questions?
Ask the community of experts on AWS re:Post: go.aws/3lPaoPb
ABOUT AWS
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. Millions of customers — including the fastest-growing startups, largest enterprises, and leading government agencies — are using AWS to lower costs, become more agile, and innovate faster.
#AWSCertificateManager #ConditionKeys #LimitCertificateRequests #CertificateIssuanceGovernance #AWSSecurityServicesFeatureDemos #AWS #AmazonWebServices #CloudComputing
Свежие видео